As the Information Assurance analyst/engineer, you will serve on committees and workgroups as IA, and/or Information Technology (IT) security advisor, ensuring adherence to DoD, and Defense Information Systems Agency (DISA) policy related to information security.
Essential Job Functions:
Perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems, security programs, policies, procedures, and tools.
Compiles, develops, publishes, and maintains artifacts for the organization's DoD Information Assurance Certification and Accreditation Process utilizing the Risk Management Framework (RMF); prepares, develops, publishes, distributes, and maintains policy and plans, training, instructions, and guidance concerning Information Assurance issues, and the Information Systems Security of IT systems and access to information from such systems.
Conducts periodic surveys, audits and inspections to determine compliance with applicable regulations and policies, and reviews and evaluates the security impact of system changes, including interfacing with other automated systems.
Conducts risk/vulnerability assessments and detection/analysis to ensure compliance with EWG’s programs and supports the Information Assurance Manager (IAM) in the management of IA related program areas, projects, and actions to include, but not limited to DoD Ports, Protocols, and Services Management (PPSM) Registry, Public Key Infrastructure (PKI), Information Assurance Vulnerability Management (IAVM), IA Policies, IT security incident handling, and the Anti-Virus (AV) protection program.
The IA analyst/engineer is responsible for advising on protective measures that affect file access controls, software, and physical safeguards, vulnerability assessment scans, systems security evaluations and scans, audits, and reviews utilizing Secure Content Automated Protocol (SCAP) toolset and Security Technical Implementation Guides (STIGs).
Due to the sensitivity of customer related requirements, U.S. Citizenship is required.
A High School Diploma or GED plus 16 years of experience, an Associate's Degree plus 10 years of experience, a Bachelor's Degree plus 8 years of experience or a Master's Degree plus 6 years of experience is required.
Must be able to obtain and maintain a SECRET security clearance initially and eligible for a Top Secret SCI and Special Access Program SAP at a later date.
8 years of experience.
Knowledge of, and skill in applying methods for evaluating, implementing, and disseminating Information Technology (IT) security tools and procedures and IT security Certification and Accreditation (C&A) requirements to be able to inspect and monitor network and systems operations and evaluate system compliance with IT security requirements.
Knowledge of networking principals, processes, procedures and better business practices.
Knowledge of information systems security principles and methods to design, develop, implement, and manage systems, networks, and data that ensure confidentiality, integrity, and availability.
Skill in oral and written communication to prepare and present reports, interpret policies and guidelines, provide advice and guidance to customers, and represent the organization in interactions with other organizations.